package com.yangmao.yangapiinterface.controller;
import com.yangmao.yangapi_client_sdk.model.User;
import org.springframework.web.bind.annotation.*;
import javax.servlet.http.HttpServletRequest;

/**
 *  模拟名称API  接口
 *
 * @author yangmao
 */

@RestController
@RequestMapping("/name")
public class NameController {

    @GetMapping("/get")
    public String getNameByGet(String name){
        return "GET 你的名字是" + name;
    }

    @PostMapping("/post")
    public String getNameByPost(@RequestParam("name") String name){
        return "POST 你的名字是" + name;
    }

    @PostMapping("/user")
    public String getUserName(@RequestBody User user, HttpServletRequest request){
//        String accessKey = request.getHeader("accessKey");
//        String timestamp = request.getHeader("timestamp");
//        String nonce = request.getHeader("nonce");
//        String body = request.getHeader("body");
//        String sign = request.getHeader("sign");
//
//        // todo 实际情况中是数据库中查询是否给用户分配权限
//        if(!accessKey.equals("yangmao")){
//            throw new RuntimeException("无权限");
//        }
//
//        if(Long.parseLong(nonce)> 10000 ){
//            throw new RuntimeException("无权限");
//        }
//
//        // todo 实际情况中是从数据库中查出secretKey
//        String serverSign = SignUtils.genSign(body, "abcdefgh");
//
//        if(!sign.equals(serverSign)){
//            throw new RuntimeException("无权限");
//        }


        return "POST 用户名字是" + user.getUsername();

    }


}
